Part I Overview of System and Network Security: A Comprehensive Introduction

Chapter 1 Building a Secure Organization
1.1 OBSTACLES TO SECURITY
1.2 TEN STEPS TO BUILDING A SECURE ORGANIZATION
1.3 DON'T FORGET THE BASICS
1.4 PREPARING FOR THE BUILDING OF SECURITY CONTROL ASSESSMENTS
1.5 SUMMARY
1.6 CHAPTER REVIEW QUESTIONS/EXERCISES
1.7 OPTIONAL TEAM CASE PROJECT

Chapter 2 A Cryptography Primer
2.1 WHAT IS CRYPTOGRAPHY? WHAT IS ENCRYPTION?
2.2 FAMOUS CRYPTOGRAPHIC DEVICES
2.3 CIPHERS
2.4 MODERN CRYPTOGRAPHY
2.5 THE COMPUTER AGE
2.6 HOW AES WORKS
2.7 SELECTING CRYPTOGRAPHY: THE PROCESS
2.8 SUMMARY
2.9 CHAPTER REVIEW QUESTIONS/EXERCISES
2.9 OPTIONAL TEAM CASE PROJECT

Chapter 3 Detecting System Intrusions
3.1 INTRODUCTION
3.2 MONITORING KEY FILES IN THE SYSTEM
3.3 SECURITY OBJECTIVES
3.4 0DAY ATTACKS
3.5 GOOD KNOWN STATE
3.6 ROOTKITS
3.7 LOW HANGING FRUIT
3.8 ANTIVIRUS SOFTWARE
3.9 HOMEGROWN INTRUSION DETECTION
3.10 FULL PACKET CAPTURE DEVICES
3.11 OUT OF BAND ATTACK VECTORS
3.12 SECURITY AWARENESS TRAINING
3.13 DATA CORRELATION
3.14 SIEM
3.15 OTHER WEIRD STUFF ON THE SYSTEM
3.16 DETECTION
3.17 NETWORK-BASED DETECTION OF SYSTEM INTRUSIONS (DSIS)
3.18 SUMMARY
3.19 CHAPTER REVIEW QUESTIONS/EXERCISES
3.20 OPTIONAL TEAM CASE PROJECT

Chapter 4 Preventing System Intrusions
4.1 SO, WHAT IS AN INTRUSION?
4.2 SOBERING NUMBERS
4.3 KNOW YOUR ENEMY: HACKERS VERSUS CRACKERS
4.4 MOTIVES
4.5 THE CRACKERS' TOOLS OF THE TRADE
4.6 BOTS
4.7 SYMPTOMS OF INTRUSIONS
4.8 WHAT CAN YOU DO?
4.9 SECURITY POLICIES
4.10 RISK ANALYSIS
4.11 TOOLS OF YOUR TRADE
4.12 CONTROLLING USER ACCESS
4.13 INTRUSION PREVENTION CAPABILITIES
4.14 SUMMARY
4.15 CHAPTER REVIEW QUESTIONS/EXERCISES
4.16 OPTIONAL TEAM CASE PROJECT

CHAPTER 5 Guarding Against Network Intrusions
5.1 TRADITIONAL RECONNAISSANCE AND ATTACKS
5.2 MALICIOUS SOFTWARE
5.3 DEFENSE IN DEPTH
5.4 PREVENTIVE MEASURES
5.5 INTRUSION MONITORING AND DETECTION
5.6 REACTIVE MEASURES
5.7 NETWORK-BASED INTRUSION PROTECTION
5.6 SUMMARY
5.7 CHAPTER REVIEW QUESTIONS/EXERCISES
5.8 OPTIONAL TEAM CASE PROJECT

CHAPTER 6 Securing Cloud Computing Systems
6.1 CLOUD COMPUTING ESSENTIALS: EXAMINING THE CLOUD LAYERS
6.2 SOFTWARE AS A SERVICE (SAAS): MANAGING RISKS IN THE CLOUD
6.3 PLATFORM AS A SERVICE (PAAS): SECURING THE PLATFORM
6.4 INFRASTRUCTURE AS A SERVICE (IAAS)
6.5 LEVERAGING PROVIDER-SPECIFIC SECURITY OPTIONS
6.6 ACHIEVING SECURITY IN A PRIVATE CLOUD
6.7 MEETING COMPLIANCE REQUIREMENTS
6.8 PREPARING FOR DISASTER RECOVERY
6.9 SUMMARY
6.10 CHAPTER REVIEW QUESTIONS/EXERCISES
6.11 OPTIONAL TEAM CASE PROJECT

CHAPTER 7 Fault Tolerance and Resilience in Cloud Computing Environments
7.1 INTRODUCTION
7.2 CLOUD COMPUTING FAULT MODEL
7.3 BASIC CONCEPTS ON FAULT TOLERANCE
7.4 DIFFERENT LEVELS OF FAULT TOLERANCE IN CLOUD COMPUTING
7.5 FAULT TOLERANCE AGAINST CRASH FAILURES IN CLOUD COMPUTING
7.6 FAULT TOLERANCE AGAINST BYZANTINE FAILURES IN CLOUD COMPUTING
7.7 FAULT TOLERANCE AS A SERVICE IN CLOUD COMPUTING
7.8 SUMMARY
7.9 CHAPTER REVIEW QUESTIONS/EXERCISES
7.10 OPTIONAL TEAM CASE PROJECT

CHAPTER 8 Securing Web Applications, Services and Servers
8.1 SETTING THE STAGE
8.2 BASIC SECURITY FOR HTTP APPLICATIONS AND SERVICES
8.3 BASIC SECURITY FOR SOAP SERVICES
8.4 IDENTITY MANAGEMENT AND WEB SERVICES
8.5 AUTHORIZATION PATTERNS
8.6 SECURITY CONSIDERATIONS
8.7 CHALLENGES
8.8 SUMMARY
8.9 CHAPTER REVIEW QUESTIONS/EXERCISES
8.10 OPTIONAL TEAM CASE PROJECT

CHAPTER 9 Unix and Linux Security
9.1 UNIX AND SECURITY
9.2 BASIC UNIX SECURITY OVERVIEW
9.3 ACHIEVING UNIX SECURITY
9.4 PROTECTING USER ACCOUNTS AND STRENGTHENING AUTHENTICATION
9.5 LIMITING SUPERUSER PRIVILEGES
9.6 SECURING LOCAL AND NETWORK FILE SYSTEMS
9.7 NETWORK CONFIGURATION
9.8 ADDITIONAL RESOURCES
9.9 IMPROVING THE SECURITY OF LINUX AND UNIX SYSTEMS
9.10 SUMMARY
9.11 CHAPTER REVIEW QUESTIONS/EXERCISES
9.12 OPTIONAL TEAM CASE PROJECT

CHAPTER 10 Eliminating the Security Weakness of Linux and UNIX Operating Systems
10.1 INTRODUCTION
10.2 HARDENING LINUX AND UNIX
10.3 PROACTIVE DEFENSE FOR LINUX AND UNIX
10.4 SUMMARY
10.5 CHAPTER REVIEW QUESTIONS/EXERCISES
10.6 OPTIONAL TEAM CASE PROJECT

CHAPTER 11 Internet Security
11.1 INTERNET PROTOCOL ARCHITECTURE
11.2 AN INTERNET THREAT MODEL
11.3 DEFENDING AGAINST ATTACKS ON THE INTERNET
11.4 INTERNET SECURITY CHECKLIST
11.5 SUMMARY
11.6 CHAPTER REVIEW QUESTIONS/EXERCISES
11.7 OPTIONAL TEAM CASE PROJECT

CHAPTER 12 The Botnet Problem
12.1 INTRODUCTION
12.2 BOTNET OVERVIEW
12.3 TYPICAL BOT LIFE CYCLE
12.4 THE BOTNET BUSINESS MODEL
12.5 BOTNET DEFENSE
12.6 BOTMASTER TRACEBACK
12.7 PREVENTING BOTNETS
12.8 SUMMARY
12.9 CHAPTER REVIEW QUESTIONS/EXERCISES
12.10 OPTIONAL TEAM CASE PROJECT

CHAPTER 13 Intranet Security
13.1 SMARTPHONES & TABLETS IN THE INTRANET
13.2 SECURITY CONSIDERATIONS
13.3 PLUGGING THE GAPS: NAC AND ACCESS CONTROL
13.4 MEASURING RISK: AUDITS
13.5 GUARDIAN AT THE GATE: AUTHENTICATION AND ENCRYPTION
13.6 WIRELESS NETWORK SECURITY
13.7 SHIELDING THE WIRE: NETWORK PROTECTION
13.8 WEAKEST LINK IN SECURITY: USER TRAINING
13.9 DOCUMENTING THE NETWORK: CHANGE MANAGEMENT
13.10 REHEARSE THE INEVITABLE: DISASTER RECOVERY
13.11 CONTROLLING HAZARDS: PHYSICAL AND ENVIRONMENTAL PROTECTION
13.12 KNOW YOUR USERS: PERSONNEL SECURITY
13.13 PROTECTING DATA FLOW: INFORMATION AND SYSTEM INTEGRITY
13.14 SECURITY ASSESSMENTS
13.15 RISK ASSESSMENTS
13.16 INTRANET SECURITY CHECKLIST
13.17 SUMMARY
13.18 CHAPTER REVIEW QUESTIONS/EXERCISES
13.19 OPTIONAL TEAM CASE PROJECT

CHAPTER 14 Local Area Network Security
14.1 IDENTIFY NETWORK THREATS
14.2 ESTABLISH NETWORK ACCESS CONTROLS
14.3 RISK ASSESSMENT
14.4 LISTING NETWORK RESOURCES
14.5 THREATS
14.6 SECURITY POLICIES
14.7 THE INCIDENT-HANDLING PROCESS
14.8 SECURE DESIGN THROUGH NETWORK ACCESS CONTROLS
14.9 IDS DEFINED
14.10 NIDS: SCOPE AND LIMITATIONS
14.11 A PRACTICAL ILLUSTRATION OF NIDS
14.12 FIREWALLS
14.13 DYNAMIC NAT CONFIGURATION
14.14 THE PERIMETER
14.15 ACCESS LIST DETAILS
14.16 TYPES OF FIREWALLS
14.17 PACKET FILTERING: IP FILTERING ROUTERS
14.18 APPLICATION-LAYER FIREWALLS: PROXY SERVERS
14.19 STATEFUL INSPECTION FIREWALLS
14.20 NIDS COMPLEMENTS FIREWALLS
14.21 MONITOR AND ANALYZE SYSTEM ACTIVITIES
14.22 SIGNATURE ANALYSIS
14.23 STATISTICAL ANALYSIS
14.24 SIGNATURE ALGORITHMS
14.25 SUMMARY
14.26 CHAPTER REVIEW QUESTIONS/EXERCISES
14.27 OPTIONAL TEAM CASE PROJECT

CHAPTER 15 Wireless Network Security
15.1 CELLULAR NETWORKS
15.2 WIRELESS AD HOC NETWORKS
15.3 SECURITY PROTOCOLS
15.4 WEP
15.5 WPA and WPA2
15.6 SPINS: Security Protocols for Sensor Networks
15.7 SECURE ROUTING
15.8 SEAD
15.9 ARAN
15.10 SLSP
15.11 KEY ESTABLISHMENT
15.12 ING
15.13 MANAGEMENT COUNTERMEASURES
15.14 SUMMARY
15.15 CHAPTER REVIEW QUESTIONS/EXERCISES
15.16 OPTIONAL TEAM CASE PROJECT

CHAPTER 16 Wireless Sensor Network Security
16.1 INTRODUCTION TO WIRELESS SENSOR NETWORK (WSN)
16.2 SUMMARY
16.3 CHAPTER REVIEW QUESTIONS/EXERCISES
16.4 OPTIONAL TEAM CASE PROJECT

CHAPTER 17 Cellular Network Security
17.1 INTRODUCTION TO WIRELESS SENSOR NETWORK (WSN)
17.2 OVERVIEW OF CELLULAR NETWORKS
17.3 THE STATE OF THE ART OF CELLULAR NETWORK SECURITY
17.4 CELLULAR NETWORK ATTACK TAXONOMY
17.5 CELLULAR NETWORK VULNERABILITY ANALYSIS
17.6 (aCAT)
17.7 (eCAT)
17.8 SUMMARY
17.9 CHAPTER REVIEW QUESTIONS/EXERCISES
17.10 OPTIONAL TEAM CASE PROJECT

CHAPTER 18 RFID Security
18.1 RFID INTRODUCTION
18.2 RFID CHALLENGES
18.3 RFID PROTECTIONS
18.4 SUMMARY
18.5 CHAPTER REVIEW QUESTIONS/EXERCISES
18.6 OPTIONAL TEAM CASE PROJECT

CHAPTER 19 Optical Network Security
19.1 OPTICAL NETWORKS
19.2 SECURING OPTICAL NETWORKS
19.3 IDENTIFY VULNERABILITIES
19.4 CORRECTIVE ACTIONS
19.5 SUMMARY
19.6 CHAPTER REVIEW QUESTIONS/EXERCISES
19.7 OPTIONAL TEAM CASE PROJECT

CHAPTER 20 Optical Wireless Security
20.1 OPTICAL WIRELESS SYSTEMS OVERVIEW
20.2 DEPLOYMENT ARCHITECTURES
20.3 HIGH BANDWIDTH
20.4 LOW COST
20.5 IMPLEMENTATION
20.6 SURFACE AREA
20.7 SUMMARY
20.8 CHAPTER REVIEW QUESTIONS/EXERCISES
20.9 OPTIONAL TEAM CASE PROJECT

Part II Managing Information Security

CHAPTER 21 Information Security Essentials for IT Managers: Protecting Mission-Critical Systems
21.1 INFORMATION SECURITY ESSENTIALS FOR IT MANAGERS
21.2 OVERVIEW
21.3 PROTECTING MISSION-CRITICAL SYSTEMS
21.4 INFORMATION SECURITY FROM THE GROUND UP
21.5 SECURITY MONITORING AND EFFECTIVENESS
21.6 SUMMARY
21.7 CHAPTER REVIEW QUESTIONS/EXERCISES
21.8 OPTIONAL TEAM CASE PROJECT

CHAPTER 22 Security Management Systems
22.1 SECURITY MANAGEMENT SYSTEM STANDARDS
22.2 TRAINING REQUIREMENTS
22.3 PRINCIPLES OF INFORMATION SECURITY
22.4 ROLES AND RESPONSIBILITIES OF PERSONNEL
22.5 SECURITY POLICIES
22.6 SECURITY CONTROLS
22.7 NETWORK ACCESS
22.8 RISK ASSESSMENT
22.9 INCIDENT RESPONSE
22.10 SUMMARY
22.11 CHAPTER REVIEW QUESTIONS/EXERCISES
22.12 OPTIONAL TEAM CASE PROJECT

CHAPTER 23 Policy-driven System Management
23.1 INTRODUCTION
23.2 SECURITY AND POLICY-BASED MANAGEMENT
23.3 CLASSIFICATION AND LANGUAGES
23.4 CONTROLS FOR ENFORCING SECURITY POLICIES IN DISTRIBUTED SYSTEMS
23.5 PRODUCTS AND TECHNOLOGIES
23.6 RESEARCH PROJECTS
23.7 SUMMARY
23.8 CHAPTER REVIEW QUESTIONS/EXERCISES
23.9 OPTIONAL TEAM CASE PROJECT

CHAPTER 24 Information Technology Security Management
24.1 INFORMATION SECURITY MANAGEMENT STANDARDS
24.2 OTHER ORGANIZATIONS INVOLVED IN STANDARDS
24.3 INFORMATION TECHNOLOGY SECURITY ASPECTS
24.4 SUMMARY
24.5 CHAPTER REVIEW QUESTIONS/EXERCISES
24.6 OPTIONAL TEAM CASE PROJECT

CHAPTER 25 Online Identity and User Management Services
25.1 INTRODUCTION
25.2 EVOLUTION OF IDENTITY MANAGEMENT REQUIREMENTS
25.3 THE REQUIREMENTS FULFILLED BY IDENTITY MANAGEMENT TECHNOLOGIES
25.4 IDENTITY MANAGEMENT 1.0
25.5 SOCIAL LOGIN AND USER MANAGEMENT
25.6 IDENTITY 2.0 FOR MOBILE U.